Encryption: UK data watchdog criticises government campaign
- Published
A Home Office-backed campaign against the rollout of ultra-secure messaging apps by social media firms has been criticised by the UK data watchdog.
The No Place to Hide campaign says Facebook should abandon plans for end-to-end encryption in its Messenger app, saying it helps to hide child abuse.
But the Information Commissioner's Office argues the technology strengthens children's online safety.
A delay "leaves everyone at risk, including children," it told the BBC.
Stephen Bonner, the ICO's executive director for innovation and technology, said end-to-end encryption helped keep children safe online by not allowing "criminals and abusers to send them harmful content or access their pictures or location".
"The discussion on end-to-end encryption use is too unbalanced to make a wise and informed choice. There is too much focus on the costs without also weighing up the significant benefits," he said.
End-to-end encryption (E2EE) is already used in the hugely popular WhatsApp, iMessage and Signal apps.
Meta plans to add it to Facebook Messenger and Instagram direct messages in 2023.
The system scrambles the contents of messages and calls so that only the end users can understand the data. Even the company processing the communications cannot decrypt the content which means that law enforcement are unable to access the information to potentially catch or convict criminal using the technology.
For years, authorities in the UK, Australia, Canada, New Zealand, US, India and Japan, plus law enforcement agencies such as Interpol and the UK's National Crime Agency (NCA) have criticised the technology.
Identify abusers
Launching the campaign, external on Tuesday, a spokesperson for the No Place To Hide initiative said that rolling out E2EE would be "like turning the lights off on the ability to identify child sex abusers online".
Videos have been released on social media claiming that the technology will put children at risk from predators.
The campaign says it is "not opposed to end-to-encryption in principle" but wants social media companies to "find a solution that protects privacy without putting children at even greater risk".
The Home Office backed the campaign launch, saying: "Our view is that online privacy and cyber-security must be protected, but that these are compatible with safety measures that can ensure the detection of child sexual exploitation and abuse."
But it declined to respond to the intervention by the ICO,, external an independent public body which reports to the government.
The ICO argues that E2EE serves an important role in safeguarding privacy and online safety and says it looks forward to being a participant in the continuing discussion around the tech.
"Having access to encrypted content is not the only way to catch abusers," Mr Bonner said.
"Law enforcers have other methods such as listening to reports of those targeted, infiltrating the groups planning these offences, using evidence from convicted abusers and their systems to identify other offenders."
The ICO says the government should continue to maximise law enforcement techniques instead of seeking to weaken encryption.
"Until we look properly at the consequences, it is hard to see any case for reconsidering the use of E2EE," it said.
Rob Jones from the National Crime Agency told the BBC any move to roll out of end-to-end encryption needed to "maintain the ability to protect children and identify images of abuse. A jump to E2EE without this capability risks turning the lights out for law enforcement worldwide".
He added: "The NCA and UK policing currently make over 500 arrests and safeguard more than 650 children every month as a direct result of industry reports of child sexual abuse material.
"That will become much more challenging under E2EE."
- Published19 January 2022
- Published18 January 2022